X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/bb7e2e85d50544c6b72eb40d57f513eeacf578d5..adb2f4cd6b1da8c8bc7f53be89ced2fa649b512f:/SL/IS.pm

diff --git a/SL/IS.pm b/SL/IS.pm
index c5fd8821f..64afc530a 100644
--- a/SL/IS.pm
+++ b/SL/IS.pm
@@ -44,6 +44,7 @@ use SL::DATEV qw(:CONSTANTS);
 use SL::DBUtils;
 use SL::DO;
 use SL::GenericTranslations;
+use SL::HTML::Restrict;
 use SL::MoreCommon;
 use SL::IC;
 use SL::IO;
@@ -396,7 +397,7 @@ sub invoice_details {
     push(@{ $form->{TEMPLATE_ARRAYS}->{taxnumber} },      $form->{"${item}_taxnumber"});
 
     my $tax_obj     = SL::DB::Manager::Tax->find_by(taxnumber => $form->{"${item}_taxnumber"});
-    my $description = $tax_obj->translated_attribute('taxdescription',  $form->{language_id}, 0) if $tax_obj;
+    my $description = $tax_obj ? $tax_obj->translated_attribute('taxdescription',  $form->{language_id}, 0) : '';
     push(@{ $form->{TEMPLATE_ARRAYS}->{taxdescription} }, $description . q{ } . 100 * $form->{"${item}_rate"} . q{%});
   }
 
@@ -546,6 +547,7 @@ sub post_invoice {
 
   # connect to database, turn off autocommit
   my $dbh = $provided_dbh ? $provided_dbh : $form->get_standard_dbh;
+  my $restricter = SL::HTML::Restrict->create;
 
   my ($query, $sth, $null, $project_id, @values);
   my $exchangerate = 0;
@@ -749,7 +751,7 @@ sub post_invoice {
                    (SELECT factor FROM price_factors WHERE id = ?), ?)|;
 
       @values = ($invoice_id, conv_i($form->{id}), conv_i($form->{"id_$i"}),
-                 $form->{"description_$i"}, $form->{"longdescription_$i"}, $form->{"qty_$i"},
+                 $form->{"description_$i"}, $restricter->process($form->{"longdescription_$i"}), $form->{"qty_$i"},
                  $form->{"sellprice_$i"}, $fxsellprice,
                  $form->{"discount_$i"}, $allocated, 'f',
                  $form->{"unit_$i"}, conv_date($form->{"reqdate_$i"}), conv_i($form->{"project_id_$i"}),